<html>
<head>
<style>
<!--
body         { font-family: Verdana; font-size: 10pt }
td           { font-family: Verdana; font-size: 10pt }
-->
</style>
<title>Instructions for installing the sample X.509 Certificates</title>
</head>
<body>
<h1>Instructions for installing the sample X.509 Certificates</h1>
<blockquote>
		<div style="border-style: dotted; border-width: 1px; padding: 4px">
			<b>Performance Note</b>: Certain security operations may run slow 
			using MakeCert generated certificates. Certificates issued from a 
			true Certificate Authority do not have this problem. This is a known 
			issue.</div>
		</blockquote>
<p>Included with WSE 2.0 are two certificates generated by the 
MakeCert tool provided in the Microsoft Platform Software Development Kit. The 
following table describes the certificates:</p>
<table border="1" width="100%" id="table1" bordercolorlight="#C0C0C0" cellspacing="0">
	<tr>
		<td><b>File Name</b></td>
		<td><b>Subject Name</b></td>
		<td><b>Key Identifier</b></td>
		<td><b>Store Location</b></td>
		<td><b>Private Key Password</b></td>
	</tr>
	<tr>
		<td>Client Private.pfx</td>
		<td>CN=WSE2QuickStartClient</td>
		<td>gBfo0147lM6cKnTbbMSuMVvmFY4=</td>
		<td>Current User</td>
		<td>wse2qs</td>
	</tr>
	<tr>
		<td>Server Private.pfx</td>
		<td>CN=WSE2QuickStartServer</td>
		<td>bBwPfItvKp3b6TNDq+14qs58VJQ=</td>
		<td>Local Machine</td>
		<td>wse2qs</td>
	</tr>
</table>

<p>To install these certificates:</p>
<ol>
	<li>Open an MMC console with the Certificates snap-in for the 
	appropriate store location. More details on this step can be found in the
	<a href="../readme.htm#certInstall">release notes</a> for the samples.<br>
    </li>
	<li>In the console tree, under <b>Personal</b>, click <b>Certificates</b>.
	</li>
	<li>To open the Certificate Import wizard, on the <b>All Tasks</b> menu, 
	click <b>Import</b>.</li>
	<li>Perform the following actions: 
	<ul>
		<li>Click the file containing the certificates you are importing. 
		</li>
		<li>When prompted to, type the password used to encrypt the private key. 
		The password for each file is indicated in the table above.</li>
		<li>Select the appropriate check box if you want the private key to be 
		exportable, and select whether you want to enable strong private key 
		protection. For the purposes of the WSE 2.0 samples, it is 
		recommended that you do not enable strong private key protection.</li>
		<li>Verify that the certificate will be kept in the &quot;Personal&quot; 
		certificate store.</li>
	</ul></li>
</ol>
<h2>Additional steps for the AsymmetricEncryption sample</h2>
<p>The AsymmetricEncryption sample demonstrate how a SOAP message sender encrypts a SOAP request. In order to encrypt the request, the sender in the samples 
encrypt the message with an X509SecurityToken using the public portion of the 
receiver. The <a href="../readme.htm#x509encryptionSteps">release notes</a> for 
the samples describe what needs to be done to properly execute these samples.</p>
<p>The public portion of the sample server certificate is provided in the file 
&quot;Server Public.cer&quot; as an added convenience. Import this certificate into the 
current user store using the same steps listed above. You will not be prompted for a 
password as there is no private key in this certificate.</p>

</body>
</html>
